From ca7d96c42c68188de0f0beec7f5de49f17ad499e Mon Sep 17 00:00:00 2001 From: Ryan Kurte Date: Wed, 21 Nov 2018 10:22:25 +1300 Subject: [PATCH 1/5] Adds mx records for mailgun to teams.r-e.o (#11) --- route53.tf | 27 +++++++++++++++++++++++++++ 1 file changed, 27 insertions(+) diff --git a/route53.tf b/route53.tf index bbc5773..d25dde2 100644 --- a/route53.tf +++ b/route53.tf @@ -28,6 +28,33 @@ resource "aws_route53_record" "rust_embedded_org_www" { records = [ "rust-embedded.org" ] } +// MX records for teams.rust-embedded.org email +resource "aws_route53_record" "teams_rust_embedded_org_mx" { + zone_id = "${aws_route53_zone.rust_embedded_org.zone_id}" + name = "teams.rust-embedded.org." + type = "MX" + ttl = "300" + records = [ "mxa.mailgun.org", "mxb.mailgun.org" ] +} + +// SPF record for teams.rust-embedded.org email +resource "aws_route53_record" "teams_rust_embedded_org_spf" { + zone_id = "${aws_route53_zone.rust_embedded_org.zone_id}" + name = "teams.rust-embedded.org." + type = "TXT" + ttl = "300" + records = [ "v=spf1 include:mailgun.org ~all" ] +} + +// DomainKey record for teams.rust-embedded.org email +resource "aws_route53_record" "teams_rust_embedded_org_domainkey" { + zone_id = "${aws_route53_zone.rust_embedded_org.zone_id}" + name = "pic._domainkey.teams.rust-embedded.org." + type = "TXT" + ttl = "300" + records = [ "k=rsa; p=MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDMAoVmF2CmWOqzsOpxn+vvlODaIGm6NonRdEDwiFkzIWOS3QnzipZN0RjfhPA2cJ8Ds3FPqhJIPgnjxlGxnypvuaa/2AvbMZAqeyf16ZsBkh7FrZtpZROFcFRtzPD876VHey0BiIJFzZCgS5l9zSeYMKAfe5nos9848sSEurC/yQIDAQAB" ] +} + resource "aws_route53_record" "rust_embedded_org_docs" { zone_id = "${aws_route53_zone.rust_embedded_org.zone_id}" name = "docs.rust-embedded.org." From dc38206b66914682075307e95cc27e5339142add Mon Sep 17 00:00:00 2001 From: Ryan Kurte Date: Wed, 21 Nov 2018 14:01:58 +1300 Subject: [PATCH 2/5] Updated dkim for new mailgun account --- route53.tf | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/route53.tf b/route53.tf index d25dde2..b7b2a55 100644 --- a/route53.tf +++ b/route53.tf @@ -49,10 +49,10 @@ resource "aws_route53_record" "teams_rust_embedded_org_spf" { // DomainKey record for teams.rust-embedded.org email resource "aws_route53_record" "teams_rust_embedded_org_domainkey" { zone_id = "${aws_route53_zone.rust_embedded_org.zone_id}" - name = "pic._domainkey.teams.rust-embedded.org." + name = "mx._domainkey.teams.rust-embedded.org." type = "TXT" ttl = "300" - records = [ "k=rsa; p=MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDMAoVmF2CmWOqzsOpxn+vvlODaIGm6NonRdEDwiFkzIWOS3QnzipZN0RjfhPA2cJ8Ds3FPqhJIPgnjxlGxnypvuaa/2AvbMZAqeyf16ZsBkh7FrZtpZROFcFRtzPD876VHey0BiIJFzZCgS5l9zSeYMKAfe5nos9848sSEurC/yQIDAQAB" ] + records = [ "k=rsa; p=MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQCl4e0N3NmgGI0m5dhFYlHqRyfpbViTdidprT+BDGPzyimP+MG8tV3Wj7VG5umZDAIis51DiUXWcQJADCfVYz7fnb0sV1mFoX9bA1SsKhr11V2DPK9a4IZ7g9JD8kjlY8bpThLBk9RP3d13aS1VKZ2Tm0WYSK1egB4NHVGgLJPJwwIDAQAB" ] } resource "aws_route53_record" "rust_embedded_org_docs" { From 799d6c6be3d100c1c9f5d663765e11b058ee53a1 Mon Sep 17 00:00:00 2001 From: Ryan Kurte Date: Tue, 4 Dec 2018 19:35:10 +1300 Subject: [PATCH 3/5] Fix to MX route entries --- route53.tf | 2 +- terraform.tfstate | 101 +++++++++++++++++++++++++++++++++++++++++++++- 2 files changed, 101 insertions(+), 2 deletions(-) diff --git a/route53.tf b/route53.tf index b7b2a55..f7adbbb 100644 --- a/route53.tf +++ b/route53.tf @@ -34,7 +34,7 @@ resource "aws_route53_record" "teams_rust_embedded_org_mx" { name = "teams.rust-embedded.org." type = "MX" ttl = "300" - records = [ "mxa.mailgun.org", "mxb.mailgun.org" ] + records = [ "10 mxa.mailgun.org.", "10 mxb.mailgun.org." ] } // SPF record for teams.rust-embedded.org email diff --git a/terraform.tfstate b/terraform.tfstate index d25c535..5179d56 100644 --- a/terraform.tfstate +++ b/terraform.tfstate @@ -1,7 +1,7 @@ { "version": 3, "terraform_version": "0.11.10", - "serial": 16, + "serial": 19, "lineage": "06aae676-abab-bb3e-6cf0-33dcc3b68c52", "modules": [ { @@ -364,6 +364,89 @@ "deposed": [], "provider": "provider.aws" }, + "aws_route53_record.teams_rust_embedded_org_domainkey": { + "type": "aws_route53_record", + "depends_on": [ + "aws_route53_zone.rust_embedded_org" + ], + "primary": { + "id": "Z1K6QDM5H6MZNC_mx._domainkey.teams.rust-embedded.org._TXT", + "attributes": { + "allow_overwrite": "true", + "fqdn": "mx._domainkey.teams.rust-embedded.org", + "health_check_id": "", + "id": "Z1K6QDM5H6MZNC_mx._domainkey.teams.rust-embedded.org._TXT", + "name": "mx._domainkey.teams.rust-embedded.org", + "records.#": "1", + "records.2697817120": "k=rsa; p=MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQCl4e0N3NmgGI0m5dhFYlHqRyfpbViTdidprT+BDGPzyimP+MG8tV3Wj7VG5umZDAIis51DiUXWcQJADCfVYz7fnb0sV1mFoX9bA1SsKhr11V2DPK9a4IZ7g9JD8kjlY8bpThLBk9RP3d13aS1VKZ2Tm0WYSK1egB4NHVGgLJPJwwIDAQAB", + "set_identifier": "", + "ttl": "300", + "type": "TXT", + "zone_id": "Z1K6QDM5H6MZNC" + }, + "meta": { + "schema_version": "2" + }, + "tainted": false + }, + "deposed": [], + "provider": "provider.aws" + }, + "aws_route53_record.teams_rust_embedded_org_mx": { + "type": "aws_route53_record", + "depends_on": [ + "aws_route53_zone.rust_embedded_org" + ], + "primary": { + "id": "Z1K6QDM5H6MZNC_teams.rust-embedded.org._MX", + "attributes": { + "allow_overwrite": "true", + "fqdn": "teams.rust-embedded.org", + "id": "Z1K6QDM5H6MZNC_teams.rust-embedded.org._MX", + "name": "teams.rust-embedded.org", + "records.#": "2", + "records.2664913317": "10 mxa.mailgun.org.", + "records.3803610238": "10 mxb.mailgun.org.", + "ttl": "300", + "type": "MX", + "zone_id": "Z1K6QDM5H6MZNC" + }, + "meta": { + "schema_version": "2" + }, + "tainted": false + }, + "deposed": [], + "provider": "provider.aws" + }, + "aws_route53_record.teams_rust_embedded_org_spf": { + "type": "aws_route53_record", + "depends_on": [ + "aws_route53_zone.rust_embedded_org" + ], + "primary": { + "id": "Z1K6QDM5H6MZNC_teams.rust-embedded.org._TXT", + "attributes": { + "allow_overwrite": "true", + "fqdn": "teams.rust-embedded.org", + "health_check_id": "", + "id": "Z1K6QDM5H6MZNC_teams.rust-embedded.org._TXT", + "name": "teams.rust-embedded.org", + "records.#": "1", + "records.1008113961": "v=spf1 include:mailgun.org ~all", + "set_identifier": "", + "ttl": "300", + "type": "TXT", + "zone_id": "Z1K6QDM5H6MZNC" + }, + "meta": { + "schema_version": "2" + }, + "tainted": false + }, + "deposed": [], + "provider": "provider.aws" + }, "aws_route53_zone.areweembeddedyet_com": { "type": "aws_route53_zone", "depends_on": [], @@ -371,6 +454,7 @@ "id": "Z1Q9EUUS8L74PK", "attributes": { "comment": "Managed by Terraform", + "delegation_set_id": "", "force_destroy": "false", "id": "Z1Q9EUUS8L74PK", "name": "areweembeddedyet.com.", @@ -380,6 +464,9 @@ "name_servers.2": "ns-393.awsdns-49.com", "name_servers.3": "ns-683.awsdns-21.net", "tags.%": "0", + "vpc.#": "0", + "vpc_id": "", + "vpc_region": "", "zone_id": "Z1Q9EUUS8L74PK" }, "meta": {}, @@ -395,6 +482,7 @@ "id": "Z2GJVQBHJNLGYL", "attributes": { "comment": "Managed by Terraform", + "delegation_set_id": "", "force_destroy": "false", "id": "Z2GJVQBHJNLGYL", "name": "rust-embedded.com.", @@ -404,6 +492,9 @@ "name_servers.2": "ns-218.awsdns-27.com", "name_servers.3": "ns-879.awsdns-45.net", "tags.%": "0", + "vpc.#": "0", + "vpc_id": "", + "vpc_region": "", "zone_id": "Z2GJVQBHJNLGYL" }, "meta": {}, @@ -419,6 +510,7 @@ "id": "Z1K6QDM5H6MZNC", "attributes": { "comment": "Managed by Terraform", + "delegation_set_id": "", "force_destroy": "false", "id": "Z1K6QDM5H6MZNC", "name": "rust-embedded.org.", @@ -428,6 +520,9 @@ "name_servers.2": "ns-298.awsdns-37.com", "name_servers.3": "ns-758.awsdns-30.net", "tags.%": "0", + "vpc.#": "0", + "vpc_id": "", + "vpc_region": "", "zone_id": "Z1K6QDM5H6MZNC" }, "meta": {}, @@ -452,6 +547,7 @@ "force_destroy": "false", "hosted_zone_id": "Z3AQBSTGFYJSTF", "id": "areweembeddedyet.com", + "lifecycle_rule.#": "0", "logging.#": "0", "region": "us-east-1", "replication_configuration.#": "0", @@ -491,6 +587,7 @@ "force_destroy": "false", "hosted_zone_id": "Z3AQBSTGFYJSTF", "id": "rust-embedded.com", + "lifecycle_rule.#": "0", "logging.#": "0", "region": "us-east-1", "replication_configuration.#": "0", @@ -530,6 +627,7 @@ "force_destroy": "false", "hosted_zone_id": "Z3AQBSTGFYJSTF", "id": "www.areweembeddedyet.com", + "lifecycle_rule.#": "0", "logging.#": "0", "region": "us-east-1", "replication_configuration.#": "0", @@ -569,6 +667,7 @@ "force_destroy": "false", "hosted_zone_id": "Z3AQBSTGFYJSTF", "id": "www.rust-embedded.com", + "lifecycle_rule.#": "0", "logging.#": "0", "region": "us-east-1", "replication_configuration.#": "0", From 804da3b80c200568e0afc8776feb150f2531659b Mon Sep 17 00:00:00 2001 From: Ryan Kurte Date: Tue, 4 Dec 2018 19:36:48 +1300 Subject: [PATCH 4/5] Added teams list --- teams.rust-embedded.org.json | 52 ++++++++++++++++++++++++++++++++++++ 1 file changed, 52 insertions(+) create mode 100644 teams.rust-embedded.org.json diff --git a/teams.rust-embedded.org.json b/teams.rust-embedded.org.json new file mode 100644 index 0000000..703122a --- /dev/null +++ b/teams.rust-embedded.org.json @@ -0,0 +1,52 @@ +[ + { + "Address": "cortex-a@teams.rust-embedded.org", + "Name": "cortex-a", + "Description": "Cortex A Team" + }, + { + "Address": "cortex-m@teams.rust-embedded.org", + "Name": "cortex-m", + "Description": "Cortex-m Team" + }, + { + "Address": "cortex-r@teams.rust-embedded.org", + "Name": "cortex-r", + "Description": "Cortex-R Team" + }, + { + "Address": "embedded-hal@teams.rust-embedded.org", + "Name": "embedded-hal", + "Description": "Embedded Hal Team" + }, + { + "Address": "embedded-linux@teams.rust-embedded.org", + "Name": "embedded-linux", + "Description": "Embedded Linux Team" + }, + { + "Address": "infrastructure@teams.rust-embedded.org", + "Name": "infrastructure", + "Description": "Infrastructure Team" + }, + { + "Address": "irr-2018@teams.rust-embedded.org", + "Name": "irr-2018", + "Description": "Increasing Rust Reach 2018 Team" + }, + { + "Address": "msp430@teams.rust-embedded.org", + "Name": "msp430", + "Description": "msp430 Team" + }, + { + "Address": "resources@teams.rust-embedded.org", + "Name": "resources", + "Description": "Resources Team" + }, + { + "Address": "risk-v@teams.rust-embedded.org", + "Name": "risk-v", + "Description": "RISK-V team" + } +] \ No newline at end of file From 85a2602d4a45d2c02f6fee152d91e3dc7212731c Mon Sep 17 00:00:00 2001 From: Ryan Kurte Date: Tue, 4 Dec 2018 20:43:53 +1300 Subject: [PATCH 5/5] Updated readme with mail notes --- README.md | 10 ++++++++++ 1 file changed, 10 insertions(+) diff --git a/README.md b/README.md index 8c45479..3a56ac6 100644 --- a/README.md +++ b/README.md @@ -6,3 +6,13 @@ rust-embedded-provisioning This repository provides the [Terraform](https://www.terraform.io/) configuration for [Amazon Web Services](https://aws.amazon.com) infrastructure used by the [Rust Embedded](https://github.com/rust-embedded) organization. + +## DNS + +DNS records are configured in [route53.tf](route53.tf) and manually applied using terraform. + +## Mail + +`teams.rust-embedded.org` mailing lists are managed using a dedicated mailgun account that @ryankurte and @nastevens have access to. +The [teams.rust-embedded.org.json](teams.rust-embedded.org.json) file contains a list of team email addresses that can be synchronized to a mailgun instance using [ryankurte/mg-cli](https://github.com/ryankurte/mg-cli), synchronisation and user mangement are currently manual. +